Secure Linking: a Framework for Trusted Software Components

Report ID: TR-662-02
Author: Lee, Eunyoung / Appel, Andrew W.
Date: 2002-09-00
Pages: 10
Abstract:

In linking together a software system from components in the presence of multiple versions, digital signatures, static type information, software fetched over networks, multiple vendors, local libraries, and so on, the policies guiding linking may be quite complex. We show how to describe such policies in a "linking logic" that is modular and provably sound. We show a prototype implementation, and we show that this logic is expressive and general enough to describe a real-world system: the Microsoft .NET "assembly" versioning system. The framework is general and expressive enough to represent other existing linking systems and to help different linking systems (and public key infrastructures) interoperate.